Node.js Mongoose without storing connection string in plain text

From the docs, a basic mongoose connection string is mongoose.connect('mongodb://username:password@host:port/database?options...');.

The problem is that the username:password are stored in plain text in the source code. The attack vector we are worried about is if someone was to get access to our source code they also have access to the database.

What are some strategies to avoid this vulnerability?

  1. I could encrypt the password and then decrypt the password prior to connecting, but then again if someone gets access to our source code they would also have access to our decryptor, since the decryptor is required prior to connection.

If someone was to gain root access to a server I believe we are up a creek no matter what, but is there a way to make it so that someone can't just get access to our source code and then compromise our DBs?

Nucleon asked Apr 15 '26 14:04


1 Answer

You are right in thinking that if someone gets access to the server itself it doesn't matter, so the data can be exposed in plain text on the server, but encrypting it wouldn't hurt (for example if you're looking at the file that has it).

There are two strategies for dealing with this:

  1. Pass the password or other sensitive data in as part of the environment, à la Heroku.
  2. Include a configuration file that is not version controlled that contains sensitive data (encrypted or otherwise).

For example if you were hosting on Heroku your config might look like:

// config.js: load it with require('./config'); this has to be a JS module rather
// than a .json file because the production value is read from process.env
module.exports = {
    "development": {
        "db": "mongodb://localhost/app_devel"
    },
    "production": {
        "db": process.env.MONGOLAB_URI
    }
};
Explosion Pills answered Apr 17 '26 03:04



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!